-
Notifications
You must be signed in to change notification settings - Fork 95
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
build: add linux release automation and release automation validation
Signed-off-by: Justin Alvarez <[email protected]>
- Loading branch information
Showing
7 changed files
with
480 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,268 @@ | ||
name: CI | ||
on: | ||
push: | ||
branches: | ||
- main | ||
paths: | ||
- '.github/workflows/release-automation.yaml' | ||
- '.github/workflows/release-linux.yaml' | ||
- '.github/workflows/upload-build-to-S3.yaml' | ||
- '.github/workflows/build-and-test-msi.yaml' | ||
- '.github/workflows/build-and-test-pkg.yaml' | ||
- 'deps/finch-core' | ||
- 'CHANGELOG.md' | ||
pull_request: | ||
branches: | ||
- main | ||
paths: | ||
- '.github/workflows/release-automation.yaml' | ||
- '.github/workflows/release-linux.yaml' | ||
- '.github/workflows/upload-build-to-S3.yaml' | ||
- '.github/workflows/build-and-test-msi.yaml' | ||
- '.github/workflows/build-and-test-pkg.yaml' | ||
- 'deps/finch-core' | ||
- 'CHANGELOG.md' | ||
workflow_dispatch: | ||
permissions: | ||
id-token: write | ||
contents: write | ||
|
||
env: | ||
DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }} | ||
|
||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
git-secrets: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Pull latest awslabs/git-secrets repo | ||
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
with: | ||
repository: awslabs/git-secrets | ||
ref: 1.3.0 | ||
fetch-tags: true | ||
path: git-secrets | ||
- name: Install git secrets from source | ||
run: sudo make install | ||
working-directory: git-secrets | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- name: Scan repository for git secrets | ||
run: | | ||
git secrets --register-aws | ||
git secrets --scan-history | ||
gen-code-no-diff: | ||
strategy: | ||
matrix: | ||
os: [macos-latest, windows-latest, ubuntu-latest] | ||
runs-on: ${{ matrix.os }} | ||
steps: | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | ||
with: | ||
go-version-file: go.mod | ||
cache: true | ||
- run: make gen-code | ||
- run: git diff --exit-code | ||
unit-tests: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: [macos-latest, windows-latest, ubuntu-latest] | ||
runs-on: ${{ matrix.os }} | ||
steps: | ||
- name: Configure git CRLF settings | ||
run: | | ||
git config --global core.autocrlf false | ||
git config --global core.eol lf | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | ||
with: | ||
# Since this repository is not meant to be used as a library, | ||
# we don't need to test the latest 2 major releases like Go does: https://go.dev/doc/devel/release#policy. | ||
go-version-file: go.mod | ||
cache: true | ||
- run: make test-unit | ||
# It's recommended to run golangci-lint in a job separate from other jobs (go test, etc) because different jobs run in parallel. | ||
go-linter: | ||
name: lint | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | ||
with: | ||
go-version-file: go.mod | ||
cache: false # caching can result in tar errors that files already exist | ||
- name: set GOOS env to windows | ||
run: | | ||
echo "GOOS=windows" >> $GITHUB_ENV | ||
- name: golangci-lint - windows | ||
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 | ||
with: | ||
# Pin the version in case all the builds start to fail at the same time. | ||
# There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action, | ||
# so we will just update it manually whenever it makes sense (e.g., a feature that we want is added). | ||
version: v1.56.1 | ||
args: --fix=false --timeout=5m | ||
- name: set GOOS env to darwin | ||
run: | | ||
echo "GOOS=darwin" >> $GITHUB_ENV | ||
- name: golangci-lint - darwin | ||
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 | ||
with: | ||
# Pin the version in case all the builds start to fail at the same time. | ||
# There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action, | ||
# so we will just update it manually whenever it makes sense (e.g., a feature that we want is added). | ||
version: v1.56.1 | ||
args: --fix=false --timeout=5m --skip-dirs="(^|/)deps($|/)" | ||
shellcheck: | ||
name: ShellCheck | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- name: Run ShellCheck | ||
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0 | ||
with: | ||
version: v0.9.0 | ||
continue-on-error: true | ||
go-mod-tidy-check: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | ||
with: | ||
go-version-file: go.mod | ||
cache: true | ||
# TODO: Use `go mod tidy --check` after https://github.com/golang/go/issues/27005 is fixed. | ||
- run: go mod tidy | ||
- run: git diff --exit-code | ||
check-licenses: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | ||
with: | ||
go-version-file: go.mod | ||
cache: true | ||
- run: make check-licenses | ||
macos-e2e-tests: | ||
strategy: | ||
matrix: | ||
version: ['13', '14'] | ||
test-command: ['test-e2e-vm-serial', 'test-e2e-container'] | ||
arch: ['X64', 'arm64'] | ||
runner-type: ['test'] | ||
uses: ./.github/workflows/e2e-docs.yaml | ||
windows-e2e-tests: | ||
strategy: | ||
matrix: | ||
test-command: ['test-e2e-vm-serial', 'test-e2e-container'] | ||
arch: ['amd64'] | ||
runner-type: ['test'] | ||
uses: ./.github/workflows/e2e-docs.yaml | ||
linux-e2e-tests: | ||
strategy: | ||
matrix: | ||
os: ['amazonlinux'] | ||
arch: ['X64', 'arm64'] | ||
version: ['2023', '2'] | ||
runner-type: ['test'] | ||
uses: ./.github/workflows/e2e-docs.yaml | ||
|
||
mdlint: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | ||
- uses: avto-dev/markdown-lint@04d43ee9191307b50935a753da3b775ab695eceb # v1.5.0 | ||
with: | ||
args: '**/*.md' | ||
# CHANGELOG.md is only updated by release-please bot. | ||
ignore: 'CHANGELOG.md' | ||
|
||
get-intermediate-version: | ||
name: Create intermediate version | ||
runs-on: ubuntu-latest | ||
outputs: | ||
version: ${{ steps.get-intermediate-version.version }} | ||
steps: | ||
- name: Creates an intermediate version | ||
id: calculate-version | ||
run: | | ||
version=$(git describe --match 'v[0-9]*' --dirty='.modified' --always --tags) | ||
version="${version}-no-release" | ||
echo "version=$version" >> ${GITHUB_OUTPUT} | ||
release-linux: | ||
needs: get-intermediate-version | ||
uses: ./.github/workflows/release-linux.yaml | ||
secrets: inherit | ||
with: | ||
ref_name: "" | ||
version: ${{ needs.get-intermediate-version.outputs.version }} | ||
|
||
build-and-test-finch-msi: | ||
needs: get-intermediate-version | ||
uses: ./.github/workflows/build-and-test-msi.yaml | ||
secrets: inherit | ||
with: | ||
ref_name: "" | ||
version: ${{ needs.get-intermediate-version.outputs.version }} | ||
|
||
macos-aarch64-pkg-build: | ||
needs: get-intermediate-version | ||
uses: ./.github/workflows/build-pkg.yaml | ||
secrets: inherit | ||
with: | ||
os: macos | ||
arch: arm64 | ||
output_arch: aarch64 | ||
version: 14 | ||
tag: ${{ needs.get-intermediate-version.outputs.version }} | ||
|
||
macos-x86-64-pkg-build: | ||
needs: get-intermediate-version | ||
uses: ./.github/workflows/build-pkg.yaml | ||
secrets: inherit | ||
with: | ||
os: macos | ||
arch: amd64 | ||
output_arch: x86_64 | ||
version: 14 | ||
tag: ${{ needs.get-intermediate-version.outputs.version }} | ||
|
||
macos-aarch64-pkg-test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
version: [13, 14] | ||
needs: | ||
- get-intermediate-version | ||
- macos-aarch64-pkg-build | ||
uses: ./.github/workflows/test-pkg.yaml | ||
secrets: inherit | ||
with: | ||
os: macos | ||
arch: arm64 | ||
output_arch: aarch64 | ||
version: ${{ matrix.version }} | ||
tag: ${{ needs.get-intermediate-version.outputs.version } | ||
|
||
macos-x86-64-pkg-test: | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
version: [13, 14] | ||
needs: | ||
- get-intermediate-version | ||
- macos-x86-64-pkg-build | ||
uses: ./.github/workflows/test-pkg.yaml | ||
secrets: inherit | ||
with: | ||
os: macos | ||
arch: amd64 | ||
output_arch: x86_64 | ||
version: ${{ matrix.version }} | ||
tag: ${{ needs.get-intermediate-version.outputs.version } |
Oops, something went wrong.